5789aaed94e5622393fe3be618388a78184ab26c8032af03ab42127804465aba | Triage

Submit
Reports

Overview

overview

8

Static

static

5789aaed94...ba.exe

windows7-x64

8

5789aaed94...ba.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

5789aaed94e5622393fe3be618388a78184ab26c8032af03ab42127804465aba.exe

Resource

win7-20220901-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

5789aaed94e5622393fe3be618388a78184ab26c8032af03ab42127804465aba.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

5789aaed94e5622393fe3be618388a78184ab26c8032af03ab42127804465aba
Size

797KB
MD5

6a8b15a43788c681ea6114bcd4fba3d0
SHA1

2686811b052e3a3c06d82efd9b90f14ab8b231aa
SHA256

5789aaed94e5622393fe3be618388a78184ab26c8032af03ab42127804465aba
SHA512

f66f73ff1afa6a8e7ad294fe6f74d553e33931306997b7212eee0342a91f1c1c7a7e3b487c351d9a9b32730c880d7f67ab22067ab902530ccb7c433f9e640b9b
SSDEEP

24576:3uOL7/9gwJA7ZiyNPbbJEyruNopn6YpBbsiPH19c:+21gwJA97b1X6Y/bxPH19

Score

N/A

Malware Config

Signatures

Files

5789aaed94e5622393fe3be618388a78184ab26c8032af03ab42127804465aba
.exe windows x86

e962625639bab2d33e5a7f6e890ada5a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateEventA
SetCommBreak
VirtualProtectEx
SetLastError
CloseHandle
GetFileAttributesW
DeviceIoControl
GetCurrentProcess
GetStringTypeA
GetFileAttributesW
GetPrivateProfileIntA
RemoveDirectoryW
HeapFree
GetPrivateProfileSectionA
GlobalLock
GetVersionExA
GetModuleHandleA
GetCurrentThread
CreateDirectoryW
FindClose
LocalFlags

user32

DispatchMessageA
PeekMessageW
GetWindowTextW
IsDialogMessageA
SetFocus
wsprintfW
IsZoomed
IsWindow
GetWindowLongW
DefDlgProcA
PostMessageW
SetCursorPos
LoadCursorA

msorcl32

SQLDisconnect
SQLConnect
SQLCancel
SQLError

ntshrui

IsPathSharedA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 699KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 789KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy